sigstore / fulcio

Sigstore OIDC PKI
Apache License 2.0

CiProvider as a new OIDCIssuer type #1679

Open javanlacerda opened 1 month ago

javanlacerda commented 1 month ago

Contribute towards #1111

Summary

It adds CiProvider as a new OIDCIssuer type. We will migrate all CI providers to use a generic principal by changing their types to this new type.

It should not change any current behavior.

Release Note

Documentation

cc @haydentherapper

javanlacerda commented 1 month ago

> and when you have time can you describe the PR and why we need that?
>
> thanks!

Sure! I apologize that I hadn't done that already. I am working on this issue: https://github.com/sigstore/fulcio/issues/1111. My plan is to have a generic module that handles CI providers' ID token claims defined in a configuration file, in this case a YAML file.

I'll put a more detailed description in the PR summary soon.

haydentherapper commented 1 month ago

@cpanato, the motivation is to simplify CI/CD OIDC provider onboarding. Rather than have each OIDC provider have to modify code to add a new provider, they instead should only need to modify a configuration file which will contain the mapping between OIDC claim and x509 extension value.
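
As an added illustration of the claim-to-extension mapping described above (not code from this PR or from Fulcio): the map below is a hypothetical stand-in for one provider's configuration entry, and the claim names and sample values are constructed. It renders each extension from token claims and fails closed when a claim is absent from the token.

```go
package main

import (
	"fmt"
	"strings"
	"text/template"
)

// extensionMapping stands in for one provider's entry in the configuration
// file: certificate extension name -> template over the token's claims.
// The claim names used here are constructed for illustration.
var extensionMapping = map[string]string{
	"BuildSignerURI":      "{{.server_url}}/{{.workflow_ref}}",
	"SourceRepositoryURI": "{{.server_url}}/{{.repository}}",
	"SourceRepositoryRef": "{{.ref}}",
}

// RenderExtensions fills every mapped extension from verified token claims.
// It fails closed: a claim absent from the token, or an extension that
// renders to an empty string, is an error rather than a blank value.
func RenderExtensions(mapping, claims map[string]string) (map[string]string, error) {
	out := make(map[string]string, len(mapping))
	for ext, tmplText := range mapping {
		tmpl, err := template.New(ext).Option("missingkey=error").Parse(tmplText)
		if err != nil {
			return nil, fmt.Errorf("extension %s: bad template: %w", ext, err)
		}
		var sb strings.Builder
		if err := tmpl.Execute(&sb, claims); err != nil {
			return nil, fmt.Errorf("extension %s: %w", ext, err)
		}
		if sb.Len() == 0 {
			return nil, fmt.Errorf("extension %s: rendered empty value", ext)
		}
		out[ext] = sb.String()
	}
	return out, nil
}

func main() {
	claims := map[string]string{ // constructed sample claims
		"server_url":   "https://ci.example.test",
		"repository":   "org/repo",
		"workflow_ref": "org/repo/.ci/build.yml@refs/heads/main",
		"ref":          "refs/heads/main",
	}
	exts, err := RenderExtensions(extensionMapping, claims)
	fmt.Println(exts, err)
}
```

Without `missingkey=error`, a string-valued claims map would silently render an absent claim as an empty string, which is the failure this check is meant to stop before a certificate is issued.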

cpanato commented 1 month ago

> @cpanato, the motivation is to simplify CI/CD OIDC provider onboarding. Rather than have each OIDC provider have to modify code to add a new provider, they instead should only need to modify a configuration file which will contain the mapping between OIDC claim and x509 extension value.

that is nice! thanks for the clarification

codecov[bot] commented 3 weeks ago

Codecov Report

Attention: Patch coverage is 76.00000% with 24 lines in your changes missing coverage. Please review.

Project coverage is 49.48%. Comparing base (cf238ac) to head (8ab3f2a). Report is 129 commits behind head on main.

| Files | Patch % | Lines |
|---|---|---|
| pkg/identity/ciprovider/principal.go | 71.42% | 10 Missing and 10 partials :warning: |
| pkg/challenges/challenges.go | 0.00% | 2 Missing :warning: |
| pkg/identity/ciprovider/issuer.go | 71.42% | 1 Missing and 1 partial :warning: |

Additional details and impacted files

```diff
@@            Coverage Diff             @@
##             main    #1679      +/-   ##
==========================================
- Coverage   57.93%   49.48%   -8.45%
==========================================
  Files          50       71      +21
  Lines        3119     4181    +1062
==========================================
+ Hits         1807     2069     +262
- Misses       1154     1881     +727
- Partials      158      231      +73
```


haydentherapper commented 6 days ago

Once this PR is ready for review and all comments addressed, can you post here?

javanlacerda commented 4 days ago

> Once this PR is ready for review and all comments addressed, can you post here?

Hey @haydentherapper, could you take a look?